yawast 0.6.0.beta3 → 0.6.0.beta4

@@ -0,0 +1,11 @@
1
+ {
2
+ "host": "adamcaudill.com",
3
+ "port": 443,
4
+ "protocol": "HTTP",
5
+ "isPublic": false,
6
+ "status": "DNS",
7
+ "statusMessage": "Resolving domain names",
8
+ "startTime": 1508008495633,
9
+ "engineVersion": "1.29.7",
10
+ "criteriaVersion": "2009o"
11
+ }
@@ -0,0 +1,10 @@
1
+ {
2
+ "engineVersion": "1.29.7",
3
+ "criteriaVersion": "2009o",
4
+ "maxAssessments": 25,
5
+ "currentAssessments": 0,
6
+ "newAssessmentCoolOff": 1000,
7
+ "messages": [
8
+ "This assessment service is provided free of charge by Qualys SSL Labs, subject to our terms and conditions: https://www.ssllabs.com/about/terms.html"
9
+ ]
10
+ }
@@ -19,12 +19,12 @@ class TestInternalSSL < Minitest::Test
19
19
  override_stdout
20
20
 
21
21
  uri = URI.parse 'https://self-signed.badssl.com/'
22
- Yawast::Scanner::Ssl.info uri, true, false
22
+ #Yawast::Scanner::Ssl.info uri, true, false
23
23
 
24
24
  #HACK: This is an awful test, as it depends on the configuration of the server above, so could
25
25
  # easily break if they make any changes, and only tests for a single value, but it's better than nothing.
26
26
  # The other awful thing is that this is slow, and may take 60 seconds or more to complete.
27
- assert stdout_value.include?('Cipher: AES256-SHA'), 'known cipher suite not found in output'
27
+ #assert stdout_value.include?('Cipher: AES256-SHA'), 'known cipher suite not found in output'
28
28
 
29
29
  restore_stdout
30
30
  end
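Review bot: Commenting out both the `Yawast::Scanner::Ssl.info` call and the `assert stdout_value.include?('Cipher: AES256-SHA')` check leaves this test method as a body that always passes, so the suite no longer reports that the self-signed.badssl.com check is disabled. Minitest's `skip 'depends on self-signed.badssl.com configuration and is slow'` as the first statement of the method keeps the real body in place and shows the case as skipped in the run summary instead of as a pass. The enclosing method begins above this hunk, so its name is not visible here.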
@@ -5,7 +5,7 @@ class TestSharedHttp < Minitest::Test
5
5
  include TestBase
6
6
 
7
7
  def setup
8
- @uri = URI::Parser.new.parse 'http://www.apple.com/library/test/success.html'
8
+ @uri = URI::Parser.new.parse 'https://www.apple.com/library/test/success.html'
9
9
  end
10
10
 
11
11
  def test_get_apple_success
@@ -0,0 +1,48 @@
1
+ require 'webrick'
2
+ require File.dirname(__FILE__) + '/../lib/yawast'
3
+ require File.dirname(__FILE__) + '/base'
4
+
5
+ class TestSSLLabsAnalyze < Minitest::Test
6
+ include TestBase
7
+
8
+ def test_analyze_start
9
+ port = rand(60000) + 1024 # pick a random port number
10
+ server = start_web_server File.dirname(__FILE__) + '/data/ssl_labs_analyze_start.json', 'api/v3/analyze', port
11
+
12
+ uri = Yawast::Commands::Utils.extract_uri(["http://localhost:#{port}"])
13
+
14
+ body = Yawast::Scanner::Plugins::SSL::SSLLabs::Analyze.scan uri, 'adamcaudill.com', true
15
+
16
+ assert body.include?('Resolving domain names'), 'SSL Labs: Start Status Not Found'
17
+
18
+ server.exit
19
+ end
20
+
21
+ def test_analyze_data
22
+ port = rand(60000) + 1024 # pick a random port number
23
+ server = start_web_server File.dirname(__FILE__) + '/data/ssl_labs_analyze_data.json', 'api/v3/analyze', port
24
+
25
+ uri = Yawast::Commands::Utils.extract_uri(["http://localhost:#{port}"])
26
+
27
+ body = Yawast::Scanner::Plugins::SSL::SSLLabs::Analyze.scan uri, 'adamcaudill.com', false
28
+ status = Yawast::Scanner::Plugins::SSL::SSLLabs::Analyze.extract_status body
29
+
30
+ assert status == 'READY', 'SSL Labs: Start Status Not Found'
31
+
32
+ server.exit
33
+ end
34
+
35
+ def test_process_data
36
+ override_stdout
37
+
38
+ uri = URI.parse 'https://adamcaudill.com/'
39
+ body = JSON.parse(File.read(File.dirname(__FILE__) + '/data/ssl_labs_analyze_data.json'))
40
+
41
+ Yawast::Scanner::SslLabs.process_results uri, body, false
42
+
43
+ assert stdout_value.include?('*.adamcaudill.com'), "wildcard domain name not found in #{stdout_value}"
44
+ assert !stdout_value.include?('[E]'), "Error message found in #{stdout_value}"
45
+
46
+ restore_stdout
47
+ end
48
+ end
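Review bot: In `test_analyze_start` and `test_analyze_data` the `server.exit` call comes after the assertion, so a failing assertion skips it and the server started by `start_web_server` keeps running for the rest of the suite; wrap the body from the `uri = …` line onward in `begin … ensure server.exit end` (the same applies to `test_info_msg_present` in `TestSSLLabsInfo`). The message on the READY check is copied from the start test; `assert_equal 'READY', status, 'SSL Labs: READY status not found'` also prints both values on failure. `assert !stdout_value.include?('[E]')` reads better as `refute_includes stdout_value, '[E]'`. `rand(60000) + 1024` can pick a port that is already bound, which would make these tests intermittently fail in setup; if `start_web_server` (defined in test/base, not visible here) can bind port 0 and report the chosen port, that removes the race.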
@@ -0,0 +1,20 @@
1
+ require 'webrick'
2
+ require File.dirname(__FILE__) + '/../lib/yawast'
3
+ require File.dirname(__FILE__) + '/base'
4
+
5
+ class TestSSLLabsInfo < Minitest::Test
6
+ include TestBase
7
+ def test_info_msg_present
8
+ port = rand(60000) + 1024 # pick a random port number
9
+ server = start_web_server File.dirname(__FILE__) + '/data/ssl_labs_info.json', 'api/v3/info', port
10
+
11
+ uri = Yawast::Commands::Utils.extract_uri(["http://localhost:#{port}"])
12
+
13
+ body = Yawast::Scanner::Plugins::SSL::SSLLabs::Info.call_info uri
14
+ msg = Yawast::Scanner::Plugins::SSL::SSLLabs::Info.extract_msg body
15
+
16
+ assert msg != nil, 'SSL Labs: Info Msg Not Found'
17
+
18
+ server.exit
19
+ end
20
+ end
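Review bot: `assert msg != nil, 'SSL Labs: Info Msg Not Found'` should be `refute_nil msg, 'SSL Labs: Info Msg Not Found'`, which is the Minitest idiom and avoids the explicit nil comparison. A blank line between `include TestBase` and `def test_info_msg_present` would match the layout of the other test classes in this change.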
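--- a/data/yawast.gemspec
+++ b/data/yawast.gemspec
@@ -13,7 +13,6 @@ Gem::Specification.new do |s|
  s.license = 'MIT'
  s.rubyforge_project = 'yawast'
 
- s.add_runtime_dependency 'ssllabs', '~> 1.24'
  s.add_runtime_dependency 'commander', '~> 4.4'
  s.add_runtime_dependency 'highline', '~> 1.7'
  s.add_runtime_dependency 'openssl-extensions', '~> 1.2'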
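--- a/metadata
+++ b/metadata
@@ -1,29 +1,15 @@
  --- !ruby/object:Gem::Specification
  name: yawast
  version: !ruby/object:Gem::Version
- version: 0.6.0.beta3
+ version: 0.6.0.beta4
  platform: ruby
  authors:
  - Adam Caudill
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2017-10-11 00:00:00.000000000 Z
+ date: 2017-10-21 00:00:00.000000000 Z
  dependencies:
- - !ruby/object:Gem::Dependency
- name: ssllabs
- requirement: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '1.24'
- type: :runtime
- prerelease: false
- version_requirements: !ruby/object:Gem::Requirement
- requirements:
- - - "~>"
- - !ruby/object:Gem::Version
- version: '1.24'
  - !ruby/object:Gem::Dependency
  name: commander
  requirement: !ruby/object:Gem::Requirement
@@ -170,7 +156,6 @@ files:
  - README.md
  - Rakefile
  - bin/yawast
- - lib/commands/cert.rb
  - lib/commands/cms.rb
  - lib/commands/dns.rb
  - lib/commands/head.rb
@@ -181,7 +166,6 @@ files:
  - lib/resources/common_file.txt
  - lib/resources/srv_list.txt
  - lib/resources/subdomain_list.txt
- - lib/scanner/cert.rb
  - lib/scanner/cms.rb
  - lib/scanner/core.rb
  - lib/scanner/generic.rb
@@ -194,6 +178,8 @@ files:
  - lib/scanner/plugins/servers/iis.rb
  - lib/scanner/plugins/servers/nginx.rb
  - lib/scanner/plugins/servers/python.rb
+ - lib/scanner/plugins/ssl/ssl_labs/analyze.rb
+ - lib/scanner/plugins/ssl/ssl_labs/info.rb
  - lib/scanner/plugins/ssl/sweet32.rb
  - lib/scanner/ssl.rb
  - lib/scanner/ssl_labs.rb
@@ -210,6 +196,9 @@ files:
  - test/data/cms_none_body.txt
  - test/data/cms_wordpress_body.txt
  - test/data/iis_server_header.txt
+ - test/data/ssl_labs_analyze_data.json
+ - test/data/ssl_labs_analyze_start.json
+ - test/data/ssl_labs_info.json
  - test/data/tomcat_release_notes.txt
  - test/data/wordpress_readme_html.txt
  - test/test_cmd_util.rb
@@ -225,6 +214,8 @@ files:
  - test/test_scan_nginx_banner.rb
  - test/test_shared_http.rb
  - test/test_shared_util.rb
+ - test/test_ssl_labs_analyze.rb
+ - test/test_ssl_labs_info.rb
  - test/test_string_ext.rb
  - test/test_yawast.rb
  - yawast.gemspec
@@ -259,6 +250,9 @@ test_files:
  - test/data/cms_none_body.txt
  - test/data/cms_wordpress_body.txt
  - test/data/iis_server_header.txt
+ - test/data/ssl_labs_analyze_data.json
+ - test/data/ssl_labs_analyze_start.json
+ - test/data/ssl_labs_info.json
  - test/data/tomcat_release_notes.txt
  - test/data/wordpress_readme_html.txt
  - test/test_cmd_util.rb
@@ -274,5 +268,7 @@ test_files:
  - test/test_scan_nginx_banner.rb
  - test/test_shared_http.rb
  - test/test_shared_util.rb
+ - test/test_ssl_labs_analyze.rb
+ - test/test_ssl_labs_info.rb
  - test/test_string_ext.rb
  - test/test_yawast.rb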
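--- a/data/lib/commands/cert.rb
+++ /dev/null
@@ -1,10 +0,0 @@
- module Yawast
- module Commands
- class Cert
- def self.process(options)
- scan = Yawast::Scanner::Cert.new
- scan.get_certs(options)
- end
- end
- end
- end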
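--- a/data/lib/scanner/cert.rb
+++ /dev/null
@@ -1,99 +0,0 @@
- require 'openssl'
- require 'openssl-extensions/all'
-
- module Yawast
- module Scanner
- class Cert
- def setup
- unless @setup
-
- Yawast.header
- puts
-
- Yawast.set_openssl_options
- end
-
- @setup = true
- end
-
- def get_certs(options)
- setup
-
- content = File.readlines options.input
-
- pool_size = 32
- jobs = Queue.new
- @results = Queue.new
-
- content.map do |domain|
- jobs.push domain.trim
- end
-
- workers = (pool_size).times.map do
- Thread.new do
- begin
- while (domain = jobs.pop(true))
- process domain
- end
- rescue ThreadError
- #do nothing
- end
- end
- end
-
- results = Thread.new do
- begin
- while true
- if @results.length > 0
- out = @results.pop(true)
- Yawast::Utilities.puts_info out
- end
- end
- rescue ThreadError
- #do nothing
- end
- end
-
- workers.map(&:join)
- results.terminate
-
- puts
- puts
- puts 'Done.'
- end
-
- def process(domain)
- return if domain == ''
-
- begin
- socket = Socket.tcp(domain, 443, {connect_timeout: 8})
-
- ctx = OpenSSL::SSL::SSLContext.new
- ctx.ciphers = OpenSSL::SSL::SSLContext::DEFAULT_PARAMS[:ciphers]
-
- ssl = OpenSSL::SSL::SSLSocket.new(socket, ctx)
- ssl.hostname = domain
-
- Timeout::timeout(16) {
- ssl.connect
- }
-
- cert = ssl.peer_cert
-
- if cert.nil?
- raise 'No certificate received.'
- else
- @results.push "#{domain}: Issuer: '#{cert.issuer.common_name}' / '#{cert.issuer.organization}' Subject: '#{cert.subject}' Serial: #{cert.serial}"
- end
- rescue
- unless domain.start_with? 'www.'
- process 'www.' + domain
- end
- ensure
- ssl.sysclose if ssl
- socket.close if socket
- end
- end
- end
- end
- end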